File tree Expand file tree Collapse file tree
Expand file tree Collapse file tree Original file line number Diff line number Diff line change 175175 verify your identity instead of entering a OTP from your authenticator. [SoloKey](https://solokeys.com) and
176176 [NitroKey](https://www.nitrokey.com) are examples of such keys. They bring with them several security benefits.
177177 Since the browser communicates directly with the device, it cannot be fooled as to which host is requesting
178+ - point : Use Passkeys Where Available
179+ priority : Recommended
180+ details : >-
181+ Passkeys (also known as FIDO2 WebAuthn) are a passwordless authentication method that is more secure
182+ and convenient than traditional passwords. They use your devices biometric authentication (fingerprint, face ID)
183+ or a PIN to log in, and are resistant to phishing attacks. Many major services now support passkeys including Google,
184+ Apple, Microsoft, and GitHub. Consider enabling passkeys for accounts that offer them as an alternative to
185+ passwords or as an additional 2FA method.
178186 authentication because the TLS certificate is checked. [This post](https://security.stackexchange.com/a/71704) is
179187 a good explanation of the security of using FIDO U2F tokens. Of course, it is important to store the physical key
180188 somewhere safe or keep it on your person. Some online accounts allow for several methods of 2FA to be enabled.
You can’t perform that action at this time.
0 commit comments